Where clause

Discussion in 'ASP General' started by eyoung@ncsa.uiuc.edu, Feb 7, 2006.

  1. Guest

    sSQL = "SELECT *" & _
    " FROM 06_Statements" & _
    " WHERE [Billing Date] = '23-DEC-2005'" & _
    " And [Total Charge] > 0" & _
    " AND Description LIKE'Cellular" & "*" & "'" & _
    " ORDER BY [Service Number]"
    set rs = Connect.Execute(sSQL)

    Can someone tell me what's wrong wth this?
    " AND Description LIKE'Cellular" & "*" & "'" & _

    I've also tried
    " AND Description LIKE'Cellular*'" & _
    as well as other versions.

    This works find but I need to grab other things with "Cellular" in
    them.
    " AND Description LIKE'Cellular Roaming Charges'" & _
     
    , Feb 7, 2006
    #1
    1. Advertising

  2. wrote:
    > sSQL = "SELECT *" & _
    > " FROM 06_Statements" & _
    > " WHERE [Billing Date] = '23-DEC-2005'" & _
    > " And [Total Charge] > 0" & _
    > " AND Description LIKE'Cellular" & "*" & "'" & _
    > " ORDER BY [Service Number]"
    > set rs = Connect.Execute(sSQL)
    >
    > Can someone tell me what's wrong wth this?
    > " AND Description LIKE'Cellular" & "*" & "'" & _
    >
    > I've also tried
    > " AND Description LIKE'Cellular*'" & _
    > as well as other versions.
    >
    > This works find but I need to grab other things with "Cellular" in
    > them.
    > " AND Description LIKE'Cellular Roaming Charges'" & _



    When running queries via ADO, you must use ODBC wildcards (% and _) instead
    of (* and ?) regardless of what database backend you are using.

    Having said that, your use of dynamic sql is leaving you open to hackers
    using sql injection as well as performance impairment. You should consider
    using parameters instead:
    http://groups-beta.google.com/group/microsoft.public.inetserver.asp.db/msg/72e36562fee7804e
    --
    Microsoft MVP -- ASP/ASP.NET
    Please reply to the newsgroup. The email account listed in my From
    header is my spam trap, so I don't check it very often. You will get a
    quicker response by posting to the newsgroup.
     
    Bob Barrows [MVP], Feb 7, 2006
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Lee Simpson

    Re: Formatting string in WHERE clause

    Lee Simpson, Jul 18, 2003, in forum: ASP .Net
    Replies:
    0
    Views:
    1,261
    Lee Simpson
    Jul 18, 2003
  2. Jan
    Replies:
    2
    Views:
    1,439
    Mike Treseler
    Dec 16, 2004
  3. bxbxb3

    "else process" clause

    bxbxb3, May 26, 2005, in forum: VHDL
    Replies:
    3
    Views:
    666
    combinational.logic $ soc-ip.com
    May 27, 2005
  4. crazyrdx

    use clause

    crazyrdx, Aug 30, 2005, in forum: VHDL
    Replies:
    1
    Views:
    625
  5. Yaroslav
    Replies:
    2
    Views:
    436
Loading...

Share This Page